Tag Archives: training

ContraRisk Security Podcast 0012: Phishing & security awareness

» Listen or download now on the podcasts page » Phishing clearly works and is on the rise. It’s often the first step in targeted attacks – so-called Advanced Persistent Threats (APTs). Why has it become so popular with attackers? “I think that you’re attacking the soft underbelly of the organisation, which is the human,” explains Joe Ferrara, CEO of Wombat Security… Read more »

Always look on the bright side

      No Comments on Always look on the bright side

Are we wasting our time trying to raise security awareness among the general populace? Is it time to simply enforce security upon ordinary computer users? Cryptographer and security pundit Bruce Schneier seems to think that training aimed at raising the awareness of corporate employees “is generally a waste of time”. Some of the analogies Schneier makes don’t really stand up… Read more »

Security: a skill for everyone

      No Comments on Security: a skill for everyone

Perhaps it’s about time we stopped thinking of information security purely as a specialist, technical profession and instead embrace it as a fundamental office skill, applicable to anyone whose fingers touch a keyboard. Security awareness among ordinary office workers – even among that mythical tribe of employees known as ‘knowledge workers’ – is patchy to say the least. Where information… Read more »